package com.hzit.security.config;

import com.hzit.security.handler.HzitAccessDeniedHandler;
import com.hzit.security.handler.HzitAuthenticationFailureHandler;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.access.AccessDeniedException;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.WebSecurityConfigurer;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.builders.WebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.security.web.access.AccessDeniedHandler;
import org.springframework.security.web.authentication.AuthenticationEntryPointFailureHandler;
import org.springframework.security.web.authentication.AuthenticationFailureHandler;
import tk.mybatis.spring.annotation.MapperScan;

import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;

/**
 * 类名：
 * 作者：WF
 * 功能：目前己经过时
 */
// @Configuration
// @MapperScan("com.hzit.security.mapper")
// public class HzitSecurityConfig extends WebSecurityConfigurerAdapter {
// 	@Autowired
// 	private UserDetailsService userDetailsService;
// 	@Autowired
// 	private HzitAuthenticationFailureHandler authenticationFailureHandler;
//
// 	@Override
// 	protected void configure(HttpSecurity http) throws Exception {
// 		//第一：配置认证出错后的处理逻辑
// 		// http.exceptionHandling()
// 		// 		.accessDeniedPage("/autherror.html")        // 授权异常，没有访问资源的权限
// 		//第二：配置认证过程中的处理业务
// 			http
// 				.formLogin()
// 				.failureHandler(authenticationFailureHandler)   // 认证失败后的处理逻辑
// 				//.failureUrl("/autherror.html")          // 认证失败后跳转的页面，此时还要放行页面
// 				.loginPage("/user/login")                // 登录页面
// 				.loginProcessingUrl("/login")            // 登录处理页面
// 				.and()
// 				.authorizeRequests()
// 				//.antMatchers("/webjars/**","/user/login","/autherror.html").permitAll()       // 放行：/webjars/**及/user/login，可以用63行重写的方法代替
// 				.anyRequest().authenticated()           // 其它请求必须要经过认证之后才能访问
// 				.and()
// 				.csrf().disable();                      // 禁用csrf（请求跨域伪造）
// 	}
//
// 	//配置userDetailsService进行用户名及密码的认证
// 	@Override
// 	protected void configure(AuthenticationManagerBuilder auth) throws Exception {
// 		auth.userDetailsService(userDetailsService).passwordEncoder(passwordEncoder());
// 	}
// 	//也可以这样放行资源
// 	@Override
// 	public void configure(WebSecurity web) throws Exception {
// 		web.ignoring().mvcMatchers("/webjars/**","/user/login","/autherror.html");
// 	}
// 	//配置密码加密器
// 	@Bean
// 	public PasswordEncoder passwordEncoder(){
// 		return new BCryptPasswordEncoder();
// 	}
// }
